Learn Windows XP Professional in 15 Minutes a Week: TCP/IP Protocol within Windows XP Professional

Monday Jul 29th 2002 by ServerWatch Staff

Share:

Jason Zandri's latest article in the Learning Windows XP Professional in 15 Minutes a Week series introduces the TCP/IP Protocol by providing a detailed overview of the default protocol in use for the Internet.

Welcome to
this week's installment of Learn Windows XP Professional in
15 minutes a week, the 12th in this series. This article
will cover the TCP/IP Protocol within Windows XP
Professional.

Transmission Control Protocol/Internet Protocol Overview

The
Transmission Control Protocol/Internet Protocol is a network
communication protocol that can be used as a communications
protocol on private networks and is the default protocol
in use on the internet. When you set up any system to have
direct access to the Internet -- whether it is via dial-up or
one of the high speed technologies in use today -- your system
will need to utilize the TCP/IP protocol (whether it is a
Windows-based system or not).

Also, if the given system needs to communicate to other
TCP/IP systems on the local LAN or WAN, it will need to
utilize the TCP/IP protocol as well.

[NOTES FROM THE FIELD] - Indirectly connected computers, such as those on a LAN
that connect to the internet via certain default gateways, certain
types of routers, Proxy Servers, ISA Servers or other
indirect means, do not necessarily need to use the TCP/IP
protocol. They need only utilize the network protocol in use for
their LAN, where that LAN protocol would communicate with
the directly connecting mechanism, whether it be a default gateway, router,
Proxy Server or other direct device. That directly connected device, however, would need to use the Internet's default
protocol of TCP/IP.

TCP/IP is technically made up of two protocols. The upper layer,
Transmission Control Protocol, on the sending system is
responsible for breaking down the data into smaller packets
to be transmitted over the network (local and internet),
while the TCP layer on the receiving node reassembles the
packets it receives back into the original data structure.

The lower layer, Internet Protocol, addresses each
individual packet so that it gets delivered to the correct
node. Each routing device on the network, be it a hardware
router or a server system that is performing routing
functions, will check the destination address to see where
to forward the message.

The TCP/IP suite of protocols maps to a four-layer
conceptual model that is based on the seven layer Open
System Interconnection (OSI) protocol model.

The detailed function of each layer of the Open System
Interconnection (OSI) protocol model is beyond the scope of
this topic; however, the 60-second overview is as follows:

Physical Layer - Defines the interface between the
medium and the device. This layer also transmits bits (ones
and zeros) and defines how the data is transmitted over the
physical medium. Some examples of Network Components found
at this layer are Multiplexers, Passive Hubs, Active Hubs,
Repeaters and other types of signal Amplifiers

Data Link Layer - This layer is actually divided into
two sublayers -- Logical Link Control, which mainly handles
error correction and flow control, and Media Access Control,
which mainly handles the communication with the network
adapter card. Some examples of Network Components found at
the Data Link layer are Bridges, Switches and certain
Advanced Cable Testers.

Network Layer - This OSI layer is responsible for
translating logical network addresses and names such as
computernames to their MAC addresses and for addressing and
routing data packets over the network. If routers at this
layer can't forward the data frames as large as the source
node has sent, this OSI layer will break down the data into
smaller units that the devices can handle. Some examples of
Protocols found at the Network Layer are IP, ARP, RARP,
ICMP, RIP, OSFP, IGMP, IPX, NWLink and NetBEUI. Some
examples of Network Components found at this layer are
Brouters, Routers, some types of ATM Switches and Frame
Relay hardware.

Transport Layer - The Transport Layer adds an
additional connection below the Session layer and helps
manage data flow control between nodes on the network. This
layer divides the data into packets on the sending node, and
the transport layer of the receiving node reassembles the
message from packets. The Transport Layer provides
error-checking to guarantee error-free data delivery by
requesting retransmission if some packets don't arrive
error-free. It also sends acknowledgment of successful
transmissions back to the sending node. Some examples of
Protocols found at this layer are TCP, ARP, RARP, SPX and
NWLink. Some examples of Network Components found at the
Transport Layer are Gateways and certain types of Brouters.

Session Layer - This OSI layer, as the name implies,
establishes, maintains and ends sessions between
transmitting nodes across the network and manages which node
can transmit data at a certain time and for how long. Some
examples of Protocols found at this layer are Names Pipes,
NetBIOS Names, RPC and Mail Slots. Some examples of Network
Components found at the Session Layer are Gateways and
certain types of Proxy Servers.

Presentation Layer - The Presentation Layer
technically performs the translation of the data from the
way applications understand it to the way networks
understand it on the transmission end and then back on the
receiving node. It is responsible for protocol conversions,
data encryption / decryption, and data compression /
decompression where the network is considered. Some examples
of Network Components found at the Presentation Layer are
Gateways and certain types of Redirectors. There are no
Protocols that normally operate in this layer.

Application - The Application Layer of the OSI model
allows access to network services for applications
specifically written to run over the network, such as e-mail
and file transfer programs such as FTP. There are many
Protocols found at the Application Layer, some of which
include FTP, TFTP, BOOTP, SNMP, SMTP, TELNET, NCP, and SMB.

As mentioned previously, the TCP/IP suite of protocols maps to a four-layer conceptual model based on the seven layer Open System Interconnection (OSI) protocol model. The TCP/IP four-layer conceptual model maps out as follows:

Network Interface Layer -
This layer effectively puts the frames on the wire from the
sending node and pulls frames off the wire at the receiving
node. As such, it basically correlates to the Physical Layer of the
OSI model.

Internet Layer - The Internet
Layer protocol of the TCP/IP suite encapsulate packets into
Internet datagrams. There are four Internet protocols that
operate at this layer. The Internet Layer basically (but not
entirely) correlates to the Network Layer of the OSI model.

IP

The Internet Protocol
provides connectionless packet delivery for all other
protocols and does not guarantee packet arrival or
correct packet sequence, nor does it acknowledge packet
delivery. IP has the main responsibility of addressing
and routing packets between nodes, and it does not try to
recover from network errors.

ARP

The Address Resolution
Protocol maps IP addresses to physical machine
addresses (MAC addresses) that are located on the LAN.
IP broadcasts a special ARP inquiry packet containing
the IP address of the destination system. The system
that owns the IP address replies by sending its physical
address to the requester. The MAC sublayer communicates
directly with the network adapter card and is
responsible for delivering error-free data between
network.

ICMP

The Internet Control Message
Protocol is a message control and error-reporting
protocol used between network nodes. Higher-level
protocols use the information in these datagrams to
recover from any transmission or other errors.

IGMP

The Internet Group
Management Protocol provides a way for nodes to report
their multicast group membership to nearby multicast
routers. Multicasting allows nodes to send content to
multiple other nodes within that multicast group by
sending IP multicast traffic to a single MAC address (but
by allowing it to be processed by multiple nodes). IGMP
is part of the Network layer of the OSI model. Windows
XP Professional supports multicast for things such as
Windows 2000 Server NetShow Services.

Transport
Layer - The two Transport layer protocols provide
communication sessions between computers, and these sessions
can be connection-oriented or connectionless, as outlined
below. The Transport Layer basically (but not entirely)
correlates to the Transport Layer of the OSI model.

TCP

The Transmission Control
Protocol is a connection-oriented protocol that provides
reliable communication by assigning a sequence number to
each segment of data that is transmitted so that the
receiving host can send an acknowledgment (ACK) to
verify that the data was received. If an ACK is not
received, the data is retransmitted. TCP guarantees the
delivery of packets, ensures proper sequencing of the
data, and provides a checksum feature that validates
both the packet header and its data for accuracy.

UDP

User Datagram Protocol
is a connectionless protocol that does not guarantee the
delivery or the correct sequencing of packets.
Applications that use UDP typically transfer small
amounts of data at once and the data sent is usually not
considered critical. TFTP (Trivial File Transfer
Protocol) uses UDP.

Application Layer - The
Application Layer is where applications that are
specifically written to operate over networks gain their
access. There are two TCP/IP services, Winsock and the
NetBIOS over TCP/IP (NetBT) interface, that network
applications most commonly use on Windows XP Professional
networks. The Application Layer basically (but not entirely)
correlates to the Application Layer of the OSI model.

Winsock

Winsock is the standard
interface used for socket-based applications and TCP/IP
protocols. Winsock allows the network application to
bind to a specific port and IP address on a node,
initiate and accept a connection, send and receive data,
and then close the connection.

NetBT

NetBIOS over TCP/IP is
the standard interface for NetBIOS services, including
name, datagram, and session services. It also provides a
standard interface between NetBIOS-based applications
and TCP/IP protocols ,and it is the network component that
performs computer name to IP address mapping name
resolution. There are currently four NetBIOS over TCP/IP
name resolution methods: b-node, p-node, m-node and
h-node.

That's a
wrap for this week. Be sure to check back in next week for
the next article in this series which will cover TCP/IP Addressing in Windows XP Professional.

In
the meantime, best of luck in your
studies and please feel free to contact me with any
questions on my column. And remember,

"A hacker's worst nightmare is that Server Administrators
will wake up and do their job"